Mantis2.11.0 clean install
I ran:
admin/check/index.php?show_all=0&show_errors=1
and got
For security reasons, you should delete (or at least restrict access to) the admin directory. Refer to the MantisBT Admin Guide for further details.
so I did a chmod on admin/ but that crashed mantis because
login_page.php: require_once( 'admin/schema.php' );
Please clarify
or specify an appropriate chmod or move schema.php out of admin
Don't delete disable admin directory!!
Moderators: Developer, Contributor
Don't delete disable admin directory!!
Last edited by zzapper on 12 Feb 2018, 10:49, edited 1 time in total.
Re: Don't delete disable admin directory!!
What exactly did you set?
Independant from that, the safest way is to remove the directory.
Re: Don't delete disable admin directory!!
Atrol
Can't remember may be chmod 700 but the issue is that Mantis login requires /admin/schema.php
Can't remember may be chmod 700 but the issue is that Mantis login requires /admin/schema.php
Re: Don't delete disable admin directory!!
It's not required if you remove the directory.
Re: Don't delete disable admin directory!!
Thanks Atrol
oh gosh that's a catch22!
maybe the warning message in check.php should be more specific.
oh gosh that's a catch22!
maybe the warning message in check.php should be more specific.
Re: Don't delete disable admin directory!!
Atrol
I guess just delete it!
I guess just delete it!
Re: Don't delete disable admin directory!!
This is no solution as it's intended to offer users the options to remove or to restrict.
Sometimes you need scripts from admin folder later on for checks or to run tools in it.
It's easier to restrict by chmod and set back when needed, than to restore exactly the same version of admin folder, that you removed.
It's better to keep it as it is at the moment, especially as there is a ongoing dicussion how to restrict by .htaccess https://www.mantisbt.org/bugs/view.php?id=23211
Re: Don't delete disable admin directory!!
I have now deleted the admin/ so am done but 'chmod 000 admin/' didn't work for me but what I did't try 'chmod -R 000 admin/' .
Tschuss
Tschuss